A new wave of ransomware – Petya virus

You might have already heard about the peculiarities of ransomware viruses. If you are still unaware of these threats, you should know about their dangers and the damage they inflict. In this article, we introduce a recently launched virus, Petya. Like the majority of other notorious viruses, it attacks the user’s personal data and encrypts it. The only way to retrieve the encrypted information seems to be paying the ransom. However, we would like to warn you not to fall into the cyber criminals’ trap: spending several hundred dollars might be a complete waste of money. Furthermore, specialists have concluded that the virus mainly targets German-speaking users. Nonetheless, it might be just a matter of time before the virus appears at your doorstep, so you should get acquainted with the ways to remove Petya.

Several similarities and differences emerge when we compare Petya ransomware with other infamous threats, such as Locky or the TeslaCrypt 4.0 virus. This particular virus uses a sophisticated RSA-4096 algorithm, which is said to be used for encrypting top secret military files. Although it also locks out your personal data, it operates in a slightly different way. Petya spreads via spam containing a Dropbox attachment named “application folder-gepackt.exe.” After you open it, the virus gets into the system and starts searching for encryptable files. To succeed, Petya ransomware needs to reboot your system. After the operating system shuts down, a message flashes on your screen warning you not to unplug your computer from the power supply. You might start panicking as your personal files are threatened. After a white skull flashes on your screen, prompting you to press any key, a ransom note appears demanding payment for a decryption key. It would be wiser to act contrary to the cyber criminals’ expectations and disconnect the computer from the power socket. This might prevent Petya from encrypting all the files.

Additionally, the virus aims to modify the boot files that are responsible for the smooth launch of the operating system. These are also known as the master boot record (MBR). Unless you restore them, you might struggle to delete the virus. However, rest assured: there is a solution to this seemingly hopeless situation. It has been reported that IT specialists have discovered a flaw in this virus and developed a method to decrypt the files without paying the ransom. Furthermore, if you obtain a powerful anti-spyware program, it will remove Petya ransomware. Lastly, after you manage to get rid of the virus, you should scan your system again to make sure that no suspicious application remains on it. We also recommend performing regular backups of your personal files.
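Because the virus tampers with the master boot record, a copy of that sector saved while the machine is clean makes later tampering easy to spot. The following is an added example, not part of the original article: it compares a 512-byte MBR sector against a saved baseline. The function names and the sample sectors are constructed for illustration, and reading the real sector from a disk (which needs administrator rights) is left out.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_END = 440           # bytes 0..439: bootstrap code
PART_TABLE_OFFSET = 446       # four 16-byte partition entries
BOOT_SIGNATURE = b"\x55\xaa"  # bytes 510..511

def parse_mbr(sector):
    """Split a 512-byte MBR sector into the parts worth monitoring."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR sector is exactly 512 bytes")
    partitions = []
    for i in range(4):
        start = PART_TABLE_OFFSET + 16 * i
        status, _chs_first, ptype, _chs_last, lba_start, count = struct.unpack(
            "<B3sB3sII", sector[start:start + 16])
        if ptype != 0:  # type 0 marks an unused slot
            partitions.append({"slot": i, "bootable": status == 0x80,
                               "type": ptype, "lba_start": lba_start, "sectors": count})
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_END]).hexdigest(),
        "partitions": partitions,
        "signature_ok": sector[510:512] == BOOT_SIGNATURE,
    }

def compare_to_baseline(baseline, current):
    """Return findings describing how `current` differs from a known-good copy."""
    good, now = parse_mbr(baseline), parse_mbr(current)
    findings = []
    if not now["signature_ok"]:
        findings.append("boot signature 0x55AA missing")
    if now["boot_code_sha256"] != good["boot_code_sha256"]:
        findings.append("bootstrap code differs from baseline")
    if now["partitions"] != good["partitions"]:
        findings.append("partition table differs from baseline")
    return findings

def build_sample_mbr(boot_code_fill):
    """Constructed sample sector: filler boot code plus one NTFS-type partition."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00" * 3, 0x07, b"\x00" * 3, 2048, 1_000_000)
    return bytes([boot_code_fill]) * 446 + entry + b"\x00" * 48 + BOOT_SIGNATURE

BASELINE = build_sample_mbr(0x90)  # constructed "clean" sector
TAMPERED = build_sample_mbr(0xCC)  # same partition table, different boot code

if __name__ == "__main__":
    print(compare_to_baseline(BASELINE, BASELINE))
    print(compare_to_baseline(BASELINE, TAMPERED))
```

Keep the baseline copy on offline or read-only media alongside your backups, so that it cannot be altered together with the disk it describes.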

This entry was posted on Tuesday, April 19th, 2016 at 4:02 am and is filed under Malware, Security.